ai-tool-compliance

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill requires reading code and attaching evidence and before/after code diffs (and explicitly detects hardcoded sensitive data), which can force the agent to include file contents — potentially exposing API keys/passwords verbatim in its output.